linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00042
Percentile:
0.12075
CVSS Scoring
CVSS v3.1 Score: 5.5
Severity: MEDIUM
Mapped CWE(s)
-
CWE-59
: Improper Link Resolution Before File Access ('Link Following')
All CAPEC(s)
-
CAPEC-132: Symlink Attack
-
CAPEC-17: Using Malicious Files
-
CAPEC-35: Leverage Executable Code in Non-Executable Files
-
CAPEC-76: Manipulating Web Input to File System Calls
CAPEC(s) with Mapped TTPs
-
CAPEC-132: Symlink Attack
Mapped TTPs:
-
CAPEC-17: Using Malicious Files
Mapped TTPs:
-
T1574.005
: Executable Installer File Permissions Weakness
-
T1574.010
: Services File Permissions Weakness
-
CAPEC-35: Leverage Executable Code in Non-Executable Files
Mapped TTPs:
Mapped ATT&CK TTPs
-
T1547.009
: Shortcut Modification
Kill Chain: persistence
-
T1574.005
: Executable Installer File Permissions Weakness
Kill Chain: persistence
-
T1574.010
: Services File Permissions Weakness
Kill Chain: persistence
-
T1027.006
: HTML Smuggling
Kill Chain: defense-evasion
-
T1027.009
: Embedded Payloads
Kill Chain: defense-evasion
-
T1564.009
: Resource Forking
Kill Chain: defense-evasion
Malware
APTs Threat Group Associations
Campaigns
Affected Products
- cpe:2.3:a:ekg_project:ekg:*:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
← Back to Home